Tesla is partnering with Pwn2Own’s bug bounty to identify vulnerabilities in its Model 3 car software.
Electric car maker Tesla announced recently that the company is partnering with Pwn2Own hacking contest organizers in order to help the company identify security issues in its automobiles. Tesla will be a partner in the Pwn2Own bug bounty program and the first person who can identify a serious security issue in Tesla’s vehicle will be awarded a Model 3 car.
The announcement was made at the annual CanSecWest conference held in Vancouver, Canada. The bug bounty program will be offering bug money to hackers who can find issues in the Model 3 car from Tesla.
Hackers can win prize money between $35,000 and $250,000 by discovering vulnerabilities in Model 3 car’s software. Those who can identify a previously unreported bug can expect reward money between $100 and $15,000 while successful researchers’ name will feature on Tesla’s official website’s Hall of Fame.
Trend Micro’s cyber security department’s senior director of vulnerability research, Brian Gornec, stated about Pwn2Own:
“Since 2007, Pwn2Own has become an industry-leading contest that encourages new areas of vulnerability research on today’s most critical platforms. Over the years we have added new targets and categories to direct research efforts toward areas of growing concern for businesses and consumers. This year, we’ve partnered with some of the biggest names in technology to further this commitment and continue driving relevant vulnerability research.”
It is worth noting that Tesla isn’t launching its own bug bounty program for Model 3 but has only partnered with Pwn2Own, which is a hacking contest that is held every year for the past 13 years. While detailing previous bug bounties on its website the company said they want to “verify, reproduce, and respond to legitimate reported vulnerabilities.”
Hackers who can identify flaws in Model 3’s onboard systems will receive $250,000 while the top prize will be awarded to the hacker(s) who can execute code on the vehicle’s autopilot system that is responsible for managing many autonomous systems of the car including lane changing and parking.
Hackers who can exploit the control area network or the CAN bus of the Model 3 car will receive $100,000 and those who can launch a denial-of-service (DDoS) attack against Tesla will receive $50,000. By hacking the car’s infotainment system, hackers can receive as much as $30,000. There are many other categories including hack attacks on Bluetooth and WiFi connection that has reward money of $60,000.